Think I may be infected
My Norton, SUPERAntiSpyware, and Malwarebytes full scans have been scanning far fewer files than normal. I'm concerned malware or a hacker may be preventing the scanners from scanning everything.

 

Here are my DDS logs:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 12/30/2013 1:07:37 PM
System Uptime: 1/1/2014 7:01:01 PM (5 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: Intel® Core i3-3110M CPU @ 2.40GHz | U3E1 | 2400/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 586 GiB total, 561.342 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
AntiLogger Free version 1.7.2.322
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Bejeweled 3
COMODO Firewall
Comodo IceDragon
D3DX10
Farmscapes
FATE
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Application Error Reporting
Microsoft Office
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Norton Anti-Theft
Norton Internet Security
Norton Online Backup
Norton Online Backup ARA
Norton PC Checkup
Norton Security Dashboard
Origin
Penguins!
Photo Common
Photo Gallery
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
Polar Bowler
Premium Sound HD
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
SUPERAntiSpyware
Synaptics Pointing Device Driver
Toshiba App Place
TOSHIBA Application Installer
Toshiba Book Place
TOSHIBA Desktop Assist
TOSHIBA eco Utility
TOSHIBA Function Key
TOSHIBA Password Utility
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA System Driver
TOSHIBA System Settings
TOSHIBA User's Guide
TOSHIBA VIDEO PLAYER
TOSHIBARegistration
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
1/1/2014 11:52:31 AM, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
1/1/2014 11:52:19 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
1/1/2014 11:52:19 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
1/1/2014 11:52:19 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
1/1/2014 11:52:14 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/1/2014 11:52:01 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub System service which failed to start because of the following error:  A device attached to the system is not functioning.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI Proxy Service Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
1/1/2014 11:51:48 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
1/1/2014 1:09:03 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/1/2014 1:08:39 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service cmdAgent with arguments "Unavailable" in order to run the server: {C288AC5A-D846-4696-8028-2DF6F508D0D9}
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16384
Run by toshiba at 0:01:29 on 2014-01-02
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3980.1659 [GMT -8:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Teco\TecoService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
C:\Program Files\Toshiba\Teco\TecoResident.exe
C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe
C:\Program Files (x86)\Comodo\IceDragon\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uWindow Title = Internet Explorer provided by TOSHIBA


mWindow Title = Internet Explorer provided by TOSHIBA

mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [ZALFree] "C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe" /MINIMIZED
TCP: NameServer = 192.141.1.8
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D} : DHCPNameServer = 192.141.1.8
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\4505D2C494E4B4F5441353735454 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\4505D2C494E4B4F5441353735454 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\84F45535540534F5E4564777F627B6 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\84F45535540534F5E4564777F627B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\84F45535540534F5E4564777F627B6F523 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\84F45535540534F5E4564777F627B6F523 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\86F6D65602E6564777F627B6 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\86F6D65602E6564777F627B6 : DHCPNameServer = 192.184.1.2
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\F4572734F6D60757475627 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\F4572734F6D60757475627 : DHCPNameServer = 192.158.1.6
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\F6572786F6573756 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}\F6572786F6573756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B9033930-BCB5-4D24-A011-D7BC3168231E} : NameServer = 156.154.70.22,156.154.71.22
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL
SSODL: WebCheck - <orphaned>

x64-mWindow Title = Internet Explorer provided by TOSHIBA

x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [sRS Premium Sound HD] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe
x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
x64-Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\Drivers\iaStorA.sys [2012-12-9 645952]
R0 SMR410;Symantec SMR Utility Service 4.1.0;C:\WINDOWS\System32\Drivers\SMR410.SYS [2014-1-1 96856]
R1 ccSet_NARA;NARA Settings Manager;C:\WINDOWS\System32\Drivers\NARAx64\0401000.00B\ccSetx64.sys [2012-9-3 168608]
R1 ccSet_NAT;Norton Anti-Theft Settings Manager;C:\WINDOWS\System32\Drivers\NATx64\010A000.009\ccSetx64.sys [2013-12-31 150104]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\WINDOWS\System32\Drivers\cmderd.sys [2013-9-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\WINDOWS\System32\Drivers\cmdguard.sys [2013-11-14 715824]
R1 cmdhlp;COMODO Internet Security Helper Driver;C:\WINDOWS\System32\Drivers\cmdhlp.sys [2013-9-24 38072]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R2 IceDragonUpdater;COMODO IceDragon Update Service;C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2013-12-19 1821384]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-12-9 129856]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-12-9 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-30 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-30 701512]
R2 NAT;Norton Anti-Theft;C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [2013-12-31 232424]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2013-12-30 144368]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-7-11 3939008]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe [2012-9-3 123320]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe [2012-9-3 126392]
R2 taisregispinger;taisregispinger;C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe [2012-9-3 2196120]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\Teco\TecoService.exe [2012-8-24 291240]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\WINDOWS\System32\Drivers\TVALZFL.sys [2012-7-21 16768]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-12-9 365376]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-3 1526488]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\ccsetx64.sys [2013-12-30 169048]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-30 137648]
R3 FwLnk;FwLnk Driver;C:\WINDOWS\System32\Drivers\FwLnk.sys [2012-12-9 9216]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131231.001\IDSviA64.sys [2013-12-31 521944]
R3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
R3 keycrypt;keycrypt;C:\WINDOWS\System32\Drivers\KeyCrypt64.sys [2013-12-30 25568]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\Drivers\L1C63x64.sys [2012-7-13 103936]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2013-12-30 25928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-12-9 315536]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\Drivers\rtwlane.sys [2012-6-29 1498256]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\Drivers\Smb_driver_Intel.sys [2012-8-16 43832]
R3 SymDS;Symantec Data Store;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\symds64.sys [2013-12-30 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\symefa64.sys [2013-12-30 1139800]
R3 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\ironx64.sys [2013-12-30 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\symnets.sys [2013-12-30 433752]
R3 TMachInfo;TMachInfo;C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-7-27 53384]
R3 tos_sps64;TOSHIBA tos_sps64 Service;C:\WINDOWS\System32\Drivers\tos_sps64.sys [2012-12-9 499096]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2012-7-28 458152]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\symelam.sys [2013-12-30 23448]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-9-24 164056]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\WINDOWS\System32\Drivers\rtwlane.sys [2012-6-29 1498256]
.
=============== Created Last 30 ================
.
2014-01-02 03:00:16    96856    ----a-w-    C:\WINDOWS\System32\drivers\SMR410.SYS
2014-01-02 02:58:06    --------    d-----w-    C:\Users\toshiba\AppData\Local\NPE
2014-01-01 07:06:24    236208    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2014-01-01 07:00:57    50784    ----a-w-    C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-01-01 07:00:17    17536    ----a-w-    C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-01-01 06:58:35    150104    ----a-r-    C:\WINDOWS\System32\drivers\NATx64\010A000.009\ccSetx64.sys
2014-01-01 06:58:29    --------    d-----w-    C:\WINDOWS\System32\drivers\NATx64\010A000.009
2013-12-31 04:48:18    --------    d-----w-    C:\Users\toshiba\AppData\Local\Macromedia
2013-12-31 04:47:17    --------    d-----w-    C:\Users\toshiba\AppData\Local\Adobe
2013-12-30 23:18:44    --------    d-----w-    C:\Users\toshiba\AppData\Local\CrashDumps
2013-12-30 22:41:04    796760    ----a-w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\srtsp64.sys
2013-12-30 22:41:04    493656    ----a-w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\symds64.sys
2013-12-30 22:41:04    433752    ----a-w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\symnets.sys
2013-12-30 22:41:04    36952    ----a-w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\srtspx64.sys
2013-12-30 22:41:04    23448    ----a-r-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\symelam.sys
2013-12-30 22:41:04    224416    ----a-w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\ironx64.sys
2013-12-30 22:41:04    169048    ----a-w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\ccsetx64.sys
2013-12-30 22:41:04    1139800    ----a-w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028\symefa64.sys
2013-12-30 22:40:36    --------    d-----w-    C:\WINDOWS\System32\drivers\NISx64\1404000.028
2013-12-30 22:25:57    --------    d-----w-    C:\Program Files (x86)\Common Files\Symantec Shared
2013-12-30 22:25:43    --------    d-s---w-    C:\ProgramData\Shared Space
2013-12-30 22:25:22    --------    d-----w-    C:\Program Files\COMODO
2013-12-30 22:25:14    --------    d-----w-    C:\ProgramData\Comodo
2013-12-30 22:25:08    --------    d-----w-    C:\ProgramData\Comodo Downloader
2013-12-30 22:16:01    --------    d-----w-    C:\Users\toshiba\AppData\Roaming\SUPERAntiSpyware.com
2013-12-30 22:15:47    --------    d-----w-    C:\ProgramData\SUPERAntiSpyware.com
2013-12-30 22:15:47    --------    d-----w-    C:\Program Files\SUPERAntiSpyware
2013-12-30 21:39:25    13    --sh--r-    C:\WINDOWS\System32\drivers\fbd.sys
2013-12-30 21:28:52    --------    d-----w-    C:\Users\toshiba\AppData\Roaming\Malwarebytes
2013-12-30 21:28:47    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-12-30 21:28:46    25928    ----a-w-    C:\WINDOWS\System32\drivers\mbam.sys
2013-12-30 21:28:46    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-30 21:21:59    --------    d-----w-    C:\Users\toshiba\AppData\Roaming\Comodo
2013-12-30 21:21:59    --------    d-----w-    C:\Users\toshiba\AppData\Local\Comodo
2013-12-30 21:21:29    --------    d-----w-    C:\Program Files (x86)\Comodo
2013-12-30 21:20:29    348160    ----a-w-    C:\WINDOWS\SysWow64\msvcr71.dll
2013-12-30 21:20:29    1060864    ----a-w-    C:\WINDOWS\SysWow64\mfc71.dll
2013-12-30 21:18:38    25568    ----a-w-    C:\WINDOWS\System32\drivers\KeyCrypt64.sys
2013-12-30 21:18:38    --------    d-----w-    C:\Program Files (x86)\KeyCryptSDK
2013-12-30 21:18:37    --------    d-----w-    C:\Users\toshiba\AppData\Local\AntiLogger Free
2013-12-30 21:18:37    --------    d-----w-    C:\Program Files (x86)\Zemana AntiLogger Free
2013-12-30 21:18:20    --------    d-----w-    C:\Users\toshiba\AppData\Local\Programs
2013-12-30 21:11:22    --------    d-sh--w-    C:\$RECYCLE.BIN
2013-12-30 21:11:01    --------    d-----w-    C:\Users\toshiba\AppData\Local\TOSHIBA
2013-12-30 21:10:59    --------    d-----w-    C:\Users\toshiba\AppData\Local\SRS Labs
2013-12-30 21:10:06    --------    d-----r-    C:\Users\toshiba\Searches
2013-12-30 21:10:05    --------    d-----r-    C:\Users\toshiba\Contacts
2013-12-30 21:08:59    --------    d-----w-    C:\Users\toshiba\AppData\Roaming\WinBatch
2013-12-30 21:08:29    --------    d-----w-    C:\Users\toshiba\AppData\Local\VirtualStore
2013-12-30 21:08:13    --------    d-----w-    C:\Users\toshiba\AppData\Local\Packages
.
==================== Find3M  ====================
.
2013-12-30 22:41:20    177312    ----a-w-    C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
2013-11-14 19:38:24    715824    ----a-w-    C:\WINDOWS\System32\drivers\cmdguard.sys
2013-11-14 19:38:02    43216    ----a-w-    C:\WINDOWS\System32\cmdcsr.dll
.
============= FINISH:  0:02:33.77 ===============
Hello princetongrad24! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
It is completely normal: you have two firewalls, and that is the problem.

Step 1

Please uninstall Comodo Firewall.

Step 2

Follow the instructions here:

https://forums.malwarebytes.org/index.php?showtopic=135381&p=745769

When you are done, reboot your system.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process; if asked to restart the computer, please do so immediately.
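Added example, not from the thread, from DDS or from Malwarebytes: a small Python triage of the DDS header lines the helper is reading above. The sample input is copied from the log posted earlier in the thread (the AV/SP/FW Security Center lines, two of the TCP NameServer lines for one interface, and the AppInit_DLLs line); the function names, the regexes and the wording of the findings are my own. It pulls out every registered AV/SP/FW product with its enabled state, flags more than one product of the same kind (the two-firewall situation being discussed), flags outdated definitions, notes static DNS resolvers that differ from what DHCP handed out, and lists any AppInit_DLLs hook. In this particular log the hook's 8.3 path sits under the KeyCryptSDK folder that "Created Last 30" shows appearing in the same second as Zemana AntiLogger Free, so it is an expected entry for that product, but it is exactly the kind of line worth confirming rather than skipping.

```python
"""Triage the security-product, DNS and AppInit_DLLs lines of a DDS log.

Added example for this thread; not part of DDS, Malwarebytes or the posted logs.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: the relevant lines copied verbatim from the DDS log above.
SAMPLE_LOG = r"""
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D} : DHCPNameServer = 192.141.1.8
AppInit_DLLs= C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL
"""

# "AV: <name> *Enabled/Updated* {GUID}"; firewalls carry only Enabled/Disabled.
PRODUCT_RE = re.compile(
    r"^(?P<kind>AV|SP|FW): (?P<name>.+?) "
    r"\*(?P<state>Enabled|Disabled)(?:/(?P<defs>Updated|Outdated))?\* "
    r"\{(?P<guid>[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}$"
)
# Global or per-interface resolver entries; DHCPNameServer is what the network handed out.
DNS_RE = re.compile(
    r"^TCP: (?:Interfaces\\\S+ : )?(?P<key>DHCPNameServer|NameServer) = (?P<servers>[\d.,]+)$"
)
APPINIT_RE = re.compile(r"^AppInit_DLLs=\s*(?P<dlls>\S.*)$")


@dataclass(frozen=True)
class Product:
    kind: str             # AV (antivirus), SP (antispyware) or FW (firewall)
    name: str
    enabled: bool
    defs: Optional[str]   # "Updated" / "Outdated" for AV and SP, None for FW
    guid: str


def parse_products(log: str) -> list[Product]:
    """Return every Security Center product line as a Product record."""
    products = []
    for line in log.splitlines():
        m = PRODUCT_RE.match(line.strip())
        if m:
            products.append(Product(m["kind"], m["name"], m["state"] == "Enabled",
                                    m["defs"], m["guid"].upper()))
    return products


def parse_dns(log: str) -> dict[str, set[str]]:
    """Split resolver entries into statically configured vs DHCP-supplied."""
    dns: dict[str, set[str]] = {"static": set(), "dhcp": set()}
    for line in log.splitlines():
        m = DNS_RE.match(line.strip())
        if m:
            bucket = "dhcp" if m["key"] == "DHCPNameServer" else "static"
            dns[bucket].update(s for s in m["servers"].split(",") if s)
    return dns


def parse_appinit(log: str) -> list[str]:
    """DLLs listed under AppInit_DLLs (loaded into every user32-linked process)."""
    for line in log.splitlines():
        m = APPINIT_RE.match(line.strip())
        if m:
            return [d for d in re.split(r"[ ,]+", m["dlls"].strip()) if d]
    return []


def triage(log: str) -> list[str]:
    """Findings a helper would call out before deciding what to uninstall or scan."""
    findings = []
    products = parse_products(log)
    for kind, label in (("AV", "antivirus"), ("FW", "firewall")):
        same_kind = [p for p in products if p.kind == kind]
        if len(same_kind) > 1:
            names = ", ".join(f"{p.name} ({'enabled' if p.enabled else 'disabled'})"
                              for p in same_kind)
            findings.append(f"{len(same_kind)} {label} products registered: {names}")
    for p in products:
        if p.defs == "Outdated":
            findings.append(f"{p.kind} {p.name} has outdated definitions")
    dns = parse_dns(log)
    if dns["static"] and dns["static"] != dns["dhcp"]:
        findings.append("static DNS overrides DHCP resolvers: "
                        f"{sorted(dns['static'])} vs {sorted(dns['dhcp'])}")
    for dll in parse_appinit(log):
        findings.append(f"AppInit_DLLs hook present: {dll} (verify the owning product)")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print("-", finding)
```

Run it against a full DDS dds.txt and the same five kinds of finding fall out; the two-firewall line is the one the helper acts on here, the outdated COMODO Antivirus definitions follow from that product being disabled, and the DNS and AppInit lines are the ones to tie back to an installed product before treating them as suspicious.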
So, I added those files to Norton, disabled Comodo, rebooted the PC, and then ran an updated quick scan in MBAM. I'll post the log below.

Question: did my DDS log show signs of infection, or was it normal? BTW, in the past I always had the Comodo firewall and never excluded it from Norton, but more files were present.

thanks for your expertise.

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.02.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16384
toshiba :: PC [administrator]

Protection: Enabled

1/2/2014 7:35:28 PM
mbam-log-2014-01-02 (19-35-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 205228
Time elapsed: 3 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
You don't think what exactly? When you came here there were two firewalls, which in itself means big problems, because they monitor your programs. Accordingly, they monitor one another.

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

2 weeks later... (Root Admin)

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.